Stolen VA laptop recovered
Well, ain’t this a coincidence?
The government has recovered the stolen laptop computer and hard drive with sensitive data on up to 26.5 million veterans and military personnel. The FBI said Thursday there is no evidence that anyone accessed Social Security numbers and other data on the equipment.
Veterans Affairs Secretary Jim Nicholson, in announcing the recovery of the computer, said there have been no reports of identity theft stemming from the May 3 burglary at a VA employee’s Maryland home.
The FBI, in a statement from its Baltimore field office, said a preliminary review of the equipment by its computer forensic teams “has determined that the data base remains intact and has not been accessed since it was stolen.” More tests were planned, however.
I’m curious how they’ll confirm that the hard drive wasn’t simply copied en masse, but we might have gotten lucky.
Artwork in place for over 30 years now considered a threat
The ACLU and related groups are suing to have a painting of Jesus that has hung in a West Virginia high school for over 30 years removed. They say the painting sends the message that the school endorses Christianity as its official religion.
I would like to see the judge in this case do something interesting: since the ACLU and friends are making the claim, let them prove it. Force them to find a single verifiable example of students who 1) felt that they were being pressured to join the Christian faith and/or 2) felt the school was even selecting an “official religion” let alone that the school was forcing them along that path.
I’ll wager the vast majority of students attending that school didn’t even notice the painting was there. At least not before the ACLU showed up.
So, if they replaced it with a print of the Van Gogh painting, “The Scream,” would the school be charged with endorsing depression as its official mental state?
So let’s hear from the ACLU and company in finding students of that high school who are in Christian faiths because they saw that painting at the school. If they can’t, then let the painting stay as an example of portrait art that is no less valid because the portrait is of a religious figure.
Veterans Affairs worker who lost laptop may have had permission to take it home
By now most of us are aware of the VA had an employee who took a laptop home that contained thousands of veterans’ personal data on it and had it subsequently stolen. The flap is huge because virtually everything was on there – social security, dates and places of birth, etc. The VA started dismissal of that employee and left most of us with the impression that he had violated policy in taking the stuff home.
Turns out now that he might have been granted permission to do so.
According to internal documents obtained by The Associated Press, the VA data analyst faulted for losing personal data for up to 26.5 million veterans had the department’s approval to access millions of Social Security numbers on a laptop from home.
The documents show that the data analyst, whose name was being withheld, had approval as early as Sept. 5, 2002, to use special software at home that was designed to manipulate large amounts of data.
A separate agreement, dated Feb. 5, 2002, from the office of the assistant secretary for policy and planning, allowed the worker to access Social Security numbers for millions of veterans.
A third document, also issued in 2002, gave the analyst permission to take a laptop computer and accessories for work outside of the VA building.
The story goes on to quote VA officials who say this analyst violated procedure by taking the data home. If the documents discovered are accurate (and authentic, let us not forget) then the violation of policy was performed by the person who provided the permission slips, not the analyst. That doesn’t excuse the analyst from his responsibility for handling the data properly, i.e. making sure the data files aren’t simply left open while he’s not actively working on it, ensuring that the laptop was powered down or at the very least locked when he wasn’t using it, and that he left the unit in a location he could reasonably expect was secure. The mere act of taking the laptop home, however, appears to have had the sanction of VA officials and that would mean that the theft doesn’t automatically equate with a screw-up on his part.
If the documents hold up then the person who made those approvals is the screw-up and should be fired in a very public way. I can understand completely that the analyst might want to work on that stuff at home or at least have the ability to do so. There are several ways to allow this without having that data stored on a mobile device that’s taken outside of the secure facility. The VA knows better, I know for a fact. They had better get their shit together as of yesterday and put the systems in place that don’t require the carriage of veterans’ private data outside the secure walls of their data center.
Dodging another celestial bullet
On July 3rd a chunk of rock a half-mile wide will pass by the Earth at a distance just past the Moon’s orbit. In celestial terms, that’s like someone shooting a bullet at you and missing, but coming close enough to put a hole in your jacket. It could’ve been worse:
Although initially there were concerns that this asteroid might possibly impact Earth later this century and thus merit special monitoring, further analysis of its orbit has since ruled out any such collision, at least in the foreseeable future.
I remember the ballyhoo this discovery caused back in December 2004. For those of us looking ahead, here’s another interesting tidbit:
The latest calculations show that 2004 XP14 will pass closest to Earth at 04:25 Universal Time on July 3 (12:25 a.m. EDT, or 9:25 p.m. PDT on July 2).
The asteroid’s distance from Earth at that moment will be 268,624 miles (432,308 km), or just 1.1 times the Moon’s average distance from Earth.
Spotting 2004 XP14 will be a challenge, best accomplished by seasoned observers with moderate-sized telescopes.
On April 13, 2029, observers in Asia and North Africa will have a chance to see another asteroid, but without needing a telescope.
Asteroid 99942 Apophis, about 1,000 feet (300 meters) wide, is expected to be visible to the naked eye as it passes within 20,000 miles (32,000 km), inside the orbits of geosynchronous communications satellites.
I’m thinking that we need to reassess the priority of working up a viable anti-asteroid defense grid real soon, hmmm?
Report says many e-voting systems are flawed
A task force for voting systems put together by NYU’s Brennan Center for Justice has issued a report concluding that a lot of the electronic voting systems in use (or proposed for use) are flawed, mostly due to rather simple security features and policies that haven’t been implemented.
The most widely used electronic-voting systems all have flaws that can be addressed relatively easily, but few states and counties have actually implemented recommended security measures, researchers concluded Tuesday.
Even the printing of paper records _ widely seen as a countermeasure to hacking and other attacks on ATM-like touchscreen machines _ does little good if audits aren’t routinely and automatically performed, researchers said. Their report said that fewer than half of the 26 states requiring paper records also require regular audits.
The report, based on interviews with elections officials and analyses of voting systems, came from the Task Force on Voting System Security convened by New York University’s Brennan Center for Justice. Task force members were from government, universities, security companies and nonprofit advocacy groups.
I have written on the topic of electronic voting before and the vast majority of what I suggested almost 2 years ago is still completely valid. In fact, the advances in the various technologies I work with have only made it easier to do what I suggested and the security provided is even better than it was at the time. The weak link is, as always, the human element. The one item the task force chose to hammer home was the propensity of voters to simply not look at the paper audit trail even when it’s available. This is a user education issue and it’s pretty simple to handle. The poll workers have a big sign up at every check-in table that shows what the screen looks like and a big honkin’ arrow pointed to where the paper audit receipt comes up. “Check to make sure what’s on the paper is how you voted,” should be all the instructions someone needs.
The task force also mentions a couple of items for any voting machine in use. First, they suggest banning wireless components on the voting machines. This, too, is a facet of my day job and I’m very capable of weighing in as an expert on the topic. So let me dispense with this little myth – it’s quite possible to secure a wireless link to a degree of confidence that running voting machines over it shouldn’t concern anyone. NSA-level resources can probably crack the security I’m talking about given the time. The issue is whether they can do it in time to do them any good. You see, intercepting the wireless transmission and cracking it will certainly tell them what was communicated by the voting machine to the base unit. So what? Seeing what the vote was does nothing. The whole danger is someone getting in there and changing votes or adding them. I submit (without getting into details, of course) that such a wireless link can be secured to the point where it will take longer to crack the security than they have to screw with the election. And if they bust the security keys on election day in 2006 that does them precisely zero good for election day 2007.
So, we can secure a wireless link. Better question: why would we need to? Wireless links are great for allowing network connections to places where you can’t or don’t want to run hardlines or cable connection. Is a voting location one of those? I think not. You generally have all the necessary machines in one room – a gym or a cafeteria – and they usually are in plain sight of one another. What’s the problem running network cables between them? Nothing, that’s what. So you run the cables between each one and a central switch, hook the switch to a router, the router to an outbound circuit and away you go. No wireless required. And since there’s no good reason to include it, you mandate that it is not included. Good call by the task force.
The second thing specifically mentioned is that the machines should be tested on election day in real conditions. I would think this would be standard operating procedure for a voting machine of any kind, electronic or otherwise. A complete morning-of test with a clearly bogus test ballot running the entire sequence – voter interaction with the machine, paper trail, audit check, data transmission, vote tally and report – should be considered a mandatory requirement every election day. It can work, we do it all the time for other critical systems.
I would add 1 other thing to the mix. The people responsible for handling the network connections and connective devices as well as the oversight of the software developers should be cleared personnel. They should undergo background checks and be well aware of the penalties for attempting to skew an election. There should be layers of overlapping oversight and as much care as possible should be taken to avoid situations where people can cooperatively defraud. The financial institutions have a lot of good procedures in place to assist them in this regard and they would work well in this case, too.
What’s that big bright thing up there in the sky?
After nearly a week of constant rainfall I looked out the window this morning to see a large, bright object in the sky. Now what could that be? Oh… wait… I remember that. It’s called the… (hmmm) Oh yes! The Sun!
The rainfall out here has been literally record-breaking. WTOP News out here in DC has this to say on the matter:
For the second day in a row, enough rain fell to break records for Ronald Reagan Washington National Airport and Dulles International Airport.
On Monday, 4.22 inches of rain fell in Washington, breaking the old record of 2.62 inches set in 1942 for June 26. At Dulles, 1.92 inches fell, breaking the 1978 record of 1.91 inches.
Sunday’s 5.19 inches of rain set a new Washington record for June 25, breaking a record of 1.6 inches set in 1871. Monday’s rains also broke records for Dulles and Baltimore. At Dulles 5.94 inches fell, breaking the record of 1.66 inches set in 1975. At BWI, 2.75 inches of rain fell. The old Baltimore record was 1.95 inches set in 1872.
Since Thursday, National has received 10.27 inches of rain. For the year, 23.99 inches of rain have fallen, giving Washington a surplus for the year of 4.83 inches.
At Dulles, there’s a surplus of 1.38 inches. Of Dulles’ 21.75 inches of rain this year, 9.37 inches has fallen since Thursday.
This time last week I was listening to a report about how the rainfall deficit was making for possible wildfire conditions since the wooded areas were so dry. Guess that got handled. I’ve seen some of my neighbor’s yards turned into creekbeds from the rainfall and one of them lost a tree that simply fell over. And it’s not over yet.
One of the things about this kind of rainfall is that the water that fell upstream in creeks and rivers doesn’t all just flow down immediately. The rising water takes time to reach spots downstream and that’s what’s happening right now in Maryland. In Rockville, MD the authorities have performed a mandatory evacuation of an area near Rock Creek Park due the dam at Lake Needlewood showing signs of potential failure. At 25 feet above normal, the lake could put roads in the area under 6 feet of water should the dam fail.
DC has declared a state of emergency and the federal government is offering unscheduled leave to government employees.
Hopefully, the weather pattern will normalize a bit and allow the water to run off before hitting us again. It’s summer in the DC area, however, and “normalized” usually includes afternoon “pop-up” thunderstorms. We’ll have to see.
Treasury Secretary John Snow goes public about NYT’s Keller
Finally! A senior government official is coming out swinging against the New York Times treasonous behavior. In response to NYT’s Bill Keller’s letter of explanation as to why he feels completely justified in disclosing classified information, outgoing Treasury Secretary John Snow has written a letter of his own confronting Bill Keller’s obvious falsehoods. From Power Line:
Dear Mr. Keller:
The New York Times’ decision to disclose the Terrorist Finance Tracking Program, a robust and classified effort to map terrorist networks through the use of financial data, was irresponsible and harmful to the security of Americans and freedom-loving people worldwide. In choosing to expose this program, despite repeated pleas from high-level officials on both sides of the aisle, including myself, the Times undermined a highly successful counter-terrorism program and alerted terrorists to the methods and sources used to track their money trails.
Your charge that our efforts to convince The New York Times not to publish were “half-hearted” is incorrect and offensive. Nothing could be further from the truth.
Over the past two months, Treasury has engaged in a vigorous dialogue with the Times – from the reporters writing the story to the D.C. Bureau Chief and all the way up to you. It should also be noted that the co-chairmen of the bipartisan 9-11 Commission, Governor Tom Kean and Congressman Lee Hamilton, met in person or placed calls to the very highest levels of the Times urging the paper not to publish the story. Members of Congress, senior U.S. Government officials and well-respected legal authorities from both sides of the aisle also asked the paper not to publish or supported the legality and validity of the program.
And that’s just the start. Go have a read of the whole letter. This isn’t a guy who knows a guy who heard of a guy who was involved. This man is one of the high-level government officials Keller referred to in his dismissive letter. This man knows what happened because he was there and he comes across as a helluva lot more credible than Keller ever dreamt of being.
Now, let’s get some subpoena’s out there for these guys and find the little bastards who’ve been leaking this stuff to the Times.
(Update: Here’s a link to the whole text of the letter over at National Review, just in case.)
CO Univ Chancellor to recommend firing Churchill
The Chancellor of the University of Colorado will recommend firing plagiarist, forger, and all-around slimewad Ward Churchill due to Churchill’s “pattern of research misconduct committed over a period of time.” Another member of academia shows both backbone and common sense!
The top official at the University of Colorado’s flagship campus on Monday recommended that the school fire the firebrand professor who compared some of the World Trade Center victims to a Nazi and later was accused of academic misconduct.
Ward Churchill has displayed “a pattern of research misconduct committed over a period of time,” Interim Chancellor Philip DiStefano said.
Churchill, who did not return telephone messages, has 10 days to appeal the recommendation to a faculty committee. A tenured professor of ethnic studies, he has denied allegations of plagiarism and other misconduct and has called the school’s investigation a joke.
Readers of this blog will have no issue determining where I stand on “Professor” Churchill’s status. I’ve written a number of posts about this excuse for a member of our academia and the thought of him getting his lying butt booted to the curb in full view of a public he’s snookered for years is one of the more warm and fuzzy thoughts I’ve had in months. I only hope the little fraud does decide to sue in open court. Having him scramble to try to prove all the lies and excuse all the thieving he’s done would be an interesting side show and a vital glimpse for most Americans into the state of our university systems.
NY Times’ Keller “explains” his treason
It should be no news now to anyone even remotely watching the news these days that the NY Times has once again chosen to publish the details of a classified (that’s spelled s-e-c-r-e-t) program wherein the US Intelligence services were tracking international banking transactions in order to track terrorist movements and identify cells. Bill Keller, the editor at the NYT who immediately went into hiding on vacation the second the story published has put out an explanitory letter in an effort to defend his decision to violate federal law.
I was going to comment at length on this putrid waste of electrons but there are sharper minds at work on the matter and I’m going to direct you there. First up, Hugh Hewitt fisks the letter quite effectively.
The avalanche of criticism directed at the Times is not half-hearted, and it is almost completely prompted by the assertion of the paper’s right to publish anything it wants combined with the possibility of helping the terrorists.
At a minimum, terrorists now familiar with the captured colleagues who were discovered through this program will study what those terrorists did and take pains not to use the same financial systems.
Other terrorists will simply note that what they might have thought secure is not. This is “pretty elemental stuff,” I know, but Mr. Keller can either believe terrorists are smart or they are stupid, but not both when it suits him.
Glenn Reynolds at Instapundit makes good points:
I realize that the Times’ circulation is falling at an alarming rate, but it hasn’t yet reached such a pass that its stories are only noticed when Rush Limbaugh mentions them.
A deeper error is Keller’s characterization of freedom of the press as an institutional privilege, an error that is a manifestation of the hubris that has marked the NYT of late. Keller writes: “It’s an unusual and powerful thing, this freedom that our founders gave to the press. . . . The power that has been given us is not something to be taken lightly.”
The founders gave freedom of the press to the people, they didn’t give freedom to the press. Keller positions himself as some sort of Constitutional High Priest, when in fact the “freedom of the press” the Framers described was also called “freedom in the use of the press.” It’s the freedom to publish, a freedom that belongs to everyone in equal portions, not a special privilege for the media industry.
Austin Bay sums things up nicely:
The Times, apparently, told the story because it could and because it thinks it can get away with it.
Indeed. Have a read of these guys today and ask yourself, if you’re subscribing to the NY Times, why are you financing the intelligence-gathering service of terrorists the world over?
Saddam apparently hitting the bottle for breakfast
Saddam Hussein apparently believes he’s the only man capable of bringing stability to Iraq. Sure he is. Assuming you define stability as the consistency of belief that you and your family can be killed at any moment on the whim of some sadistic psycho. Your daughter, of course, will be raped repeatedly before she’s killed, but at least they’re consistent.
His lawyer relates this lovely little gem:
Al-Dulaimi said Saddam brought up the topic during a meeting Tuesday, and indicated he would be willing to help the United States — “for the sake of saving both peoples — the Iraqis and Americans.”
Welllllllll, isn’t that precious? Saddam is all concerned about saving Iraqis and Americans. And who wouldn’t believe that? I mean all he did was order the executions of thousands of Iraqis and offer shelter and assistance to people whose explicitly stated mission in life is to kill Americans. Shows a real compassion, don’t it?
Save your concern for yourself, Saddam. You’re gonna need it.
About
HoodaThunk? has moved to a new location: http://www.hoodathunkblog.com as of April 22, 2009. Please come over and visit us there.
Spotlight
Virginia ’09 Elections
Notice!: Contributions to campaigns of currently seated VA General Assembly members and statewide officers are not accepted while the General Assembly is in session per §24.2-954.
Bob McDonnell
Governor of Virginia
Bill Bolling
Lieutenant Governor of Virginia
Networks
Blogroll
StatCounter
Ric's Twitter
